Is srpm allowed to violate a license if %prep restores compliance?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Greetings,
I am doing my first Fedora package review [1], for litehtml library. The source tree contains some bundled items that, in violation of original licenses, do not include a copy of the relevant licenses. There are two problem items:
1. gumbo-parser is included in source form and only contains link to the correct license in source files and repository README, but license text itself is not included like the license, Apache Software License 2.0, demands.
2. tools/xxd.exe is included as a (Windows) binary used during the build. It does not have any mention of licensing. Supposedly, it comes from Vim [2] and uses the Vim License [3], which also demands including copy of the license.
Neither of these are actually required for anything. Fedora already has the gumbo-parser package that can be used, while the Windows binary is obviously useless, but the vim-common package contains a usable xxd binary.
Since neither 1 or 2 is needed for anything, they can be removed in %prep section of the specfile. However, they still end up in the srpm. The fedora-review tool does not see this as a problem: "Note: Checking patched sources after %prep for licenses."
Is it really so that srpms are allowed have content that violates licenses, as long as %prep removes them? I am not able to find any explicit confirmation for this interpretation the the Licensing Guidelines [4]. Actually, the guidelines are generally do not make a clear distinction between srpms and binary rpms.
Perhaps somebody on this list understands this topic and can explain how this situation should be handled? 

Regards,
Otto

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1939875
[2]: https://github.com/vim/vim/tree/master/src/xxd
[3]: https://github.com/vim/vim/blob/master/LICENSE
[4]: https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/ 
_______________________________________________
packaging mailing list -- packaging@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to packaging-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/packaging@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite Forum]     [KDE Users]

  Powered by Linux